The Adwind Remote Administration Tool is a backdoor Trojan written in Java language that targets various platforms that support Java files. Adwind does not exploit any vulnerabilities. In most cases, for an infection to succeed, the user must run the malware by double-clicking the .jar file that is usually distributed as an attachment, or opening an infected Microsoft Word document. The infection spreads if the Java Runtime Environment is installed on the user's computer. After the malicious .jar file is executed on the target system, the malware installs silently and connects to a remote server via a preconfigured port to receive commands from a remote attacker and perform other illegal operations.
Note: This asset is in Japanese.